SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
HP finds remote work is creating a growing cybersecurity risk
Tue, 18th May 2021
FYI, this story is more than a year old

HP has released a security report finding remote work is creating a growing cybersecurity risk.

The report, HP Wolf Security Blurred Lines - Blindspots, shows changing work styles and behaviours are creating new vulnerabilities for companies, individuals, and their data. According to the findings, 70% of office workers surveyed say they use work devices for personal tasks, while 69% use personal laptops or printers for work activities. Almost one-third of remote workers surveyed have let someone else use their work device.

As a result, home workers are increasingly being targeted by hackers. International and independent analyst firm KuppingerCole contributed to HP's report and says there has been a 238% increase in global cyberattack volume during the pandemic.

“As the lines between work and home have blurred, security risks have soared and everyday actions such as opening an attachment can have serious consequences,” says HP's chief information security officer, Joanna Burkey.

“Without all the pre-pandemic sources of visibility of devices, and how they are being used and by whom, IT and security teams are working with a clouded vision.

The report coincides with the launch of HP Wolf Security, the company's new portfolio of secure-by-design PCs and printers, hardware-enforced endpoint security software, and endpoint security services. And the study combines findings from a global YouGov online survey of 8,443 office workers, a global survey of 1,100 IT Decision Makers conducted by Toluna, real-world threat telemetry gathered from customers within HP Sure Click virtual machines, and analysis from KuppingerCole.

Of the employees surveyed, 71% say they are accessing more company data from home now than they did pre-pandemic, with the most common types of data being accessed being customer and operational data, and financial and HR records. While at the same time the HP Wolf Security report shows office workers are increasingly using their work devices for personal tasks.

Hackers are taking advantage of these shifting patterns to tailor phishing campaigns. According to KuppingerCole, there was a 54% increase in malicious actors exploiting gaming platforms between January and April 2020, often directing users to phishing pages.

HP Wolf Security's Threat Insights showed an increase in gaming-themed malware, with Ryuk ransomware and samples of JavaScript downloader malware Gootloader masquerading as Fortnite hacks.

Apart from misusing work devices for personal reasons, the report finds that office workers are also using potentially insecure devices to connect to the corporate network, with many IT decision-makers say they worry the risk of a breach has risen because employees are using personal devices for work that are not built with business security in mind.

According to HP, one of the key reasons for the growing security risks is due to distributed workers no longer being protected by the corporate firewall. Data from KuppingerCole shows that globally in 2020, endpoints connected to the internet were experiencing 1.5 attacks per minute. As a result, 90% of ITDMs say the pandemic experience of 2020 highlighted the growing importance of strong endpoint security in defending the increasingly perimeter-less organisation, while 91% say endpoint security has become equally important as network security.

“The nature of the endpoint continues to evolve and diversify, many connected devices that employees use in their working-from-home environment have contributed to the breakdown of the corporate IT infrastructure and network, including printers,” says KuppingerCole senior analyst, Anne Bailey.